CN110098940A - Email signature method, apparatus and storage medium - Google Patents

Email signature method, apparatus and storage medium Download PDF

Info

Publication number
CN110098940A
CN110098940A CN201910498033.6A CN201910498033A CN110098940A CN 110098940 A CN110098940 A CN 110098940A CN 201910498033 A CN201910498033 A CN 201910498033A CN 110098940 A CN110098940 A CN 110098940A
Authority
CN
China
Prior art keywords
integer
value
mould
email
prime
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201910498033.6A
Other languages
Chinese (zh)
Other versions
CN110098940B (en
Inventor
蔡恒进
吴良顺
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Zhuo Erzhi Lian Wuhan Research Institute Co Ltd
Original Assignee
Zhuo Erzhi Lian Wuhan Research Institute Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Zhuo Erzhi Lian Wuhan Research Institute Co Ltd filed Critical Zhuo Erzhi Lian Wuhan Research Institute Co Ltd
Priority to CN201910498033.6A priority Critical patent/CN110098940B/en
Publication of CN110098940A publication Critical patent/CN110098940A/en
Application granted granted Critical
Publication of CN110098940B publication Critical patent/CN110098940B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L51/00User-to-user messaging in packet-switching networks, transmitted according to store-and-forward or real-time protocols, e.g. e-mail
    • H04L51/42Mailbox-related aspects, e.g. synchronisation of mailboxes
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • H04L9/3249Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures using RSA or related signature schemes, e.g. Rabin scheme

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Storage Device Security (AREA)

Abstract

The present invention provides a kind of Email signature method, it include: to obtain private key to sign electronically to Email, wherein, generating private key includes: that the mould periodicity algorithm based on Fibonacci sequence generates two prime numbers, and generates private key and public key to generating algorithm according to RSA key using described two prime numbers.Wherein, the method for generating the prime number includes: to obtain the set of preset rational k;It is random to generate the first Integer N;It calculatesWherein,For Legendre symbol;The set of the rational k is traversed, mould is calculatedJudge the mouldIt whether is zero, if zero, it is determined that first Integer N is prime number, and using first Integer N as the first prime number, and generates the second prime number according to same method.The present invention also provides a kind of Email signature device and storage mediums.The invention enables Email Securities to be improved.

Description

Email signature method, apparatus and storage medium
Technical field
The present invention relates to technical field of cryptology, and in particular to a kind of Email signature method, Email signature dress It sets and computer readable storage medium.
Background technique
Our daily lifes of Email and work link up in essential tool.It is passed to improve Email content Safety during defeated, is digitally signed commonly using key.Digital signature is the technology using asymmetric encryption field The method for being used to identify digital information realized.And how to make the key generated more reliable, and formation speed is not more rapidly to The disconnected safety for improving encryption data is always the target constantly pursued in this field.
Summary of the invention
In view of problem above, the present invention proposes a kind of Email signature method, apparatus and storage medium, can quickly, It is reliable to generate private key, and signed electronically using the private key to Email, further increase the safety of Email Property.
The first aspect of the application provides a kind of Email signature method, which comprises
Obtain private key, wherein the generation method of the private key includes: that the mould periodicity algorithm based on Fibonacci sequence is raw At two prime number ps and q;Calculate product n=p × q of described two prime numbers;It calculates φ (n)=(p-1) (q-1), wherein φ (n) It is the Euler's function value of n;It is random to generate the second integer e;Judge whether the second integer e meets 1 < e < φ (n), and gcd (φ (n), e)=1;If whether the second integer e meets 1 < e < φ (n), and gcd (φ (n), e)=1, then calculates and meet de ≡ The d value of 1mod φ (n);Public key is used as using (N, the e), private key is used as using (N, d);Wherein, it is based on Fibonacci sequence Mould periodicity algorithm generate two prime number ps and q, comprising: obtain the set of preset rational k;It is random to generate the first integer N;It calculatesWherein,For Legendre symbol;The set of the rational k is traversed, mould is calculatedJudge the mouldIt whether is zero, if zero, it is determined that described First Integer N is prime number, and using first Integer N as the first prime number generated;And the second element is generated according to the method Number;
It is signed electronically using the private key to sent Email.
Preferably, the set generation method of the preset rational k includes:
For Prime sequences (Pn)=2,3,5,7 ... (n=1,2,3,4 ...), successively design factorWherein T is the period of F (x) (mod p), and F (x) is the xth item of Fibonacci sequence, F (x) (mod p) Indicate the least non-negative residue of Fibonacci sequence xth item F (x) the mould integer p;For Legendre symbol;
Determine PnMultiple value intervals of middle n, and calculate the distribution of k value in each value interval;
It determines the frequency of occurrences for calculating k value, is more than the k value set of preset value as the preset rational k using frequency Value set.
Preferably, the set of the preset rational k are as follows: 1,2,4/3,8/7,10/9,12/11,14/13,22/21, 18/17,20/19,28/27}。
Preferably, after generating the first Integer N at random, the step further include: judge whether first Integer N is conjunction Number then gives up first Integer N and regenerates Integer N if closing number.
Preferably, in step " set of the rational k is traversed, mould is calculated" in, pass through Quick Fibonacci sequence modulus algorithm calculates the mouldInclude:
JudgementIt whether is even number;
If even number, then the modulus value is calculated according to following first formula:
Wherein,
If uneven number, the modulus value is calculated according to following second formula:
Wherein,
The second aspect of the application provides a kind of Email signature device, and the Email signature device includes processing Device, the processor is for realizing following steps when executing the computer program stored in memory:
Obtain private key, wherein the generation method of the private key includes: that the mould periodicity algorithm based on Fibonacci sequence is raw At two prime number ps and q;Calculate product n=p × q of described two prime numbers;It calculates φ (n)=(p-1) (q-1), wherein φ (n) It is the Euler's function value of n;It is random to generate the second integer e;Judge whether the second integer e meets 1 < e < φ (n), and gcd (φ (n), e)=1;If the second integer e meets 1 < e < φ (n), and gcd (φ (n), e)=1, then calculates and meet de ≡ 1mod The d value of φ (n);PK={ e, n } is used as public key, SK={ d, n } is used as private key;Wherein, based on the mould of Fibonacci sequence Periodical algorithm generates two prime number ps and q, comprising: obtains the set of preset rational k;It is random to generate the first Integer N;Meter It calculatesWherein,For Legendre symbol;The set of the rational k is traversed, mould is calculatedJudge the mouldIt whether is zero, if zero, it is determined that institute Stating the first Integer N is prime number, and using first Integer N as first prime number generated, and according to the method generation the Two prime numbers;
It is signed electronically using the private key to sent Email.
Third aspect present invention provides a kind of computer readable storage medium, is stored thereon with computer program, the meter Calculation machine program realizes foregoing Email signature method when being executed by processor.
In the present invention when signing electronically to sent Email, the key used is by based on striking Poona What two prime number ps and q that the mould periodicity algorithm of contract ordered series of numbers generates generated, so that the better reliability of private key, and formation speed More quickly, so that the safety of Email is further enhanced.
Detailed description of the invention
Fig. 1 is the key generation method flow chart that an embodiment of the present invention provides.
Fig. 2 is the method flow diagram for generating prime number in Fig. 1 in key generation method.
Fig. 3 is the quick Fibonacci sequence modulus method flow diagram that an embodiment of the present invention provides.
Fig. 4 is that the key generated using Fig. 1 method that an embodiment of the present invention provides carries out Email signature method Flow chart.
Fig. 5 is the functional block diagram for the Email signature system that an embodiment of the present invention provides.
Fig. 6 is the Email signature device hardware structure schematic diagram that an embodiment of the present invention provides.
Specific embodiment
To better understand the objects, features and advantages of the present invention, with reference to the accompanying drawing and specific real Applying example, the present invention will be described in detail.It should be noted that in the absence of conflict, embodiments herein and embodiment In feature can be combined with each other.
In the following description, numerous specific details are set forth in order to facilitate a full understanding of the present invention, described embodiment is only It is only a part of the embodiment of the present invention, instead of all the embodiments.Based on the embodiments of the present invention, ordinary skill Personnel's every other embodiment obtained without making creative work, shall fall within the protection scope of the present invention.
Unless otherwise defined, all technical and scientific terms used herein and belong to technical field of the invention The normally understood meaning of technical staff is identical.Term as used herein in the specification of the present invention is intended merely to description tool The purpose of the embodiment of body, it is not intended that in the limitation present invention.
Referring to Fig. 1, the key generation method flow chart provided for one embodiment of the present invention.It is raw by the key The public key and private key generated at method can be used for signing electronically to Email.The specific method of electronic signature will be rear Face is illustrated in conjunction with Fig. 4.
In the present embodiment, the key generation method can be applied in Email signature device, the electronics postal Part signature apparatus can be but not limited to the electronic equipments such as mail server, personal computer, smart phone.For example, when described When computer installation is mail server, after the mail server generates public key and private key using the key generation method, When mobile terminal request generates E-mail address, mail server sends the corresponding public affairs in the E-mail address to the mobile terminal Key and private key, and the public key is disclosed, and the private key is saved by the owner of E-mail address.When user passes through the electronics When mailbox sends mail, it can be signed by the private key to Email.
For needing to generate the Email signature device of key, directly cost can be collected on Email signature device It is used to generate the function of key provided by the method for invention, or with Software Development Kit (Software Development Kit, SDK) form operate on Email signature device.
As shown in Figure 1, the key generation method includes the following steps, step in the flow chart according to different requirements, Sequence can change, certain steps can be omitted.
Step S11, the mould periodicity algorithm based on Fibonacci sequence generates two prime number ps and q.
It is described mathematically to be defined in a recursive manner based on Fibonacci sequence: F (0)=0, F (1)=1, F (x)=F (x-1)+F (x-2), x >=2.That is, the form of the Fibonacci sequence are as follows: 0,1,1,2,3,5,8 ....If F (x) is striking Poona The xth item (x ∈ N*) of contract ordered series of numbers, F (x) (mod d) indicate that the minimum of Fibonacci sequence xth item F (x) the mould integer d is non- Negative residue.For example, as d=2, { F (x) (mod2) }=0,1,1,0,1,1 ... }.If having F (x+T) for any x (modd)=F (x) (modd), then the period of F (x) mould integer d is referred to as T.Because having F (0) (modd) for arbitrary integer d =0 (modd)=0, F (1) (modd)=1 (modd)=1 |.So F (T) (modd)=0, F (T+1) (modd)=1.Such as this Well known to the technical staff of field, for a prime number p,WhereinFor Legendre symbol, also It is to say,Divided exactly by prime number p.It in a sense, is periodically partibility, because of F (0)=0, F (0) (modp)=0, according to periodic definition, there is F (T) (modp)=0, that is to say, that F (T) is divided exactly by prime P, i.e. p ∣ F (T). It can be seen that cycle T withThere are incidence relations.
Based on this, the cycle T of setting F (x) (modp) are as follows:
Wherein, k is the rational for having specific distribution.In the preferred embodiment, take k value set be 1,2,4/3,8/7, 10/9,12/11,14/13,22/21,18/17,20/19,28/27}。
Specifically, it is determined that the method for the k value set value is as follows:
(1) for Prime sequences (Pn)=2,3,5,7 ... (n=1,2,3,4 ...), successively design factorWhen wherein the range of n is 0~100000, partial results are as shown in table 1 below.
The coefficient k value of 1 mould prime period of table
p T k
2 3 1
3 8 2
5 20 5
7 16 2
11 10 1
13 28 2
17 36 2
19 18 1
23 48 2
29 14 1/2
Take n-th of prime number p=pn, when the range of n takes 0~100000,100000~110000,1000000~1010000 When, it is denoted as the 1st, 2,3 test respectively.For each prime number p=pn, calculate
(2) distribution of the k value in above-mentioned section is determined, wherein k value such as the following table 2 institute of the frequency of occurrences 0.1% or more Show:
2 mould prime period coefficient k Distribution value table of table
(3) frequency is more than the k value set of preset value (such as 99%) as the k value by the frequency of occurrences for calculating k value Value set.
It can be obtained by table 1,2, n is in different sections, i.e., certain stability is presented in the prime number of different location, the distribution of k. In 3 tests, the collection of k is combined into { 1,2,4/3,8/7,10/9,12/11,14/13,22/21,18/17,20/19,28/27 } Existing frequency is respectively 99.07%, 99.06%, 99.17%.
As it can be seen that the collection of k is combined into { 1,2,4/3,8/7,10/9,12/11,14/13,22/21,18/17,20/19,28/27 } The frequency of appearance is more than 99%.Therefore, in the present embodiment, the value of the k value set be 1,2,4/3,8/7,10/9, 12/11,14/13,22/21,18/17,20/19,28/27}。
Based on above description, the mould periodicity algorithm in the present invention based on Fibonacci sequence generates two prime number ps and q Specific method will be described in detail in conjunction with Fig. 2 below.As shown in Fig. 2, based on Fibonacci sequence in the step S1 Mould periodicity algorithm generate two prime numbers method include the following steps, according to different requirements, in the flow chart step it is suitable Sequence can change, and certain steps can be omitted.
Step S201, the set of preset rational k is obtained.
Wherein, the collection that the collection of the rational k is combined into foregoing k value be combined into 1,2,4/3,8/7,10/9,12/11, 14/13,22/21,18/17,20/19,28/27}。
Step S202, Integer N is generated at random.
In the preferred embodiment for the present invention, the decimal number that the Integer N generated at random is 100 or more is that is, described Integer N is big integer.
Step S203, judge whether the Integer N is to close number, if closing number, then gives up the Integer N and return step S202 regenerates Integer N;If the Integer N is not to close number, S204 is thened follow the steps.
In one embodiment of the present invention, judge whether the Integer N is that the method for closing number includes:
Whether last for judging the Integer N generated at random is any of 1,3,7,9;If the Integer N Last position be 1, any of 3,7,9, it is determined that the Integer N be not close number, execute the step S204;If described Last position of Integer N is not 1, any of 3,7,9, it is determined that the Integer N is to close number, then giving up the Integer N And step S202 is executed, regenerate Integer N.
In another embodiment of the present invention, judge whether the Integer N is that the method for closing number includes:
Judge whether the Integer N can be divided exactly by 2 or 5, if it is possible to be divided exactly by 2 or 5, it is determined that the Integer N To close number, then give up the Integer N and regenerate Integer N, if the Integer N 2 or 5 must divide exactly, execute Step S204.It is appreciated that the numerical value is not limited in 2 and 5, in other embodiments, being also possible to other can lead to It crosses and divides exactly N to verify whether the Integer N is the numerical value for closing number.
By judging whether the Integer N is to close number, and directly give up when determining that Integer N is to close number in the step 203 Abandon, first exclude the numerical value of non-prime, the step for the beneficial effect that obtains be that preliminary screening can be carried out to Integer N, exclude non- The numerical value of prime number reduces subsequent arithmetic amount, reduces computational complexity, to improve operation efficiency.
In some other embodiments of the present invention, the step S203 also be can be omitted, that is to say, that can also be without The preliminary screening of the Integer N judges.
Step S204, it calculatesWherein,For Legendre symbol.
Legendre symbol can calculate when p be prime number the case where quadratic residue discrimination.Above-mentioned Legendre symbolThe meaning of expression are as follows: integer x if it exists so that x2≡ N (mod5), then just rememberingOtherwise just rememberWhen N is divided exactly by 5, i.e. N | when 5,
Step S205, the set of the rational k is traversed, mould is calculated
In a preferred embodiment of the present invention, the mould is calculatedQuick striking wave can be passed through That contract ordered series of numbers modulus method is realized.The quick Fibonacci sequence modulus method carries out further further in connection with Fig. 3 It is discussed in detail, is first not detailed here.
Step S206, judge the mouldIt whether is zero, if so, S207 is thened follow the steps, If it is not, then return step S202.
Because for prime P, F (T) (modp)=0, andIt can obtain accordingly, if the mouldIt is 0, then illustrates that the Integer N is prime number.If not being 0, illustrating the Integer N not is element Number, if the Integer N generated at random is not prime number, return step S202 regenerates Integer N.
Step S207, it determines that the Integer N is prime number, and exports the prime number N.
Repeating said steps S201-S207 generates second prime number q.
Step S12, the product n=p*q of described two prime numbers is calculated.
Step S13, φ (n)=(p-1) (q-1) is calculated, wherein φ (n) is the Euler's function value of n.
Step S14, integer e is generated at random.
Step S15, judge whether the integer e is greater than 1 and is less than φ (n), and the integer e and φ (n) is relatively prime.That is, Judge whether the integer e meets 1 < e < φ (n), and gcd (φ (n), e)=1, if satisfied, S16 is thened follow the steps, if discontented Foot, then return step S14.
Step S16, multiplicative inverse d of the e at mould φ (n) is calculated.That is, calculating the d value for meeting de ≡ 1mod φ (n).
Step S17, PK={ e, n } is used as public key, SK={ d, n } is used as private key.
Step S18, using the public key and private key as a pair of secret keys to exporting.
When generating private key and public key to generating algorithm according to RSA key in present embodiment, two prime numbers used are bases It being generated in the mould periodicity algorithm of Fibonacci sequence, the method for generating prime number is more reliable and quick, so that private key Reliability is also higher.
As shown in figure 3, for quick Fibonacci sequence modulus method described in above-mentioned steps 205.The method includes Following steps, the sequence of step can change in the flow chart according to different requirements, and certain steps can be omitted.
Step S301, judgeIt whether is even number, if so, S302 is thened follow the steps, if it is not, thening follow the steps S303;
Step S302, the modulus value is calculated according to the first formula.Wherein, first formula are as follows:
Wherein,
Step S303, the modulus value is calculated according to the second formula.Wherein, second formula are as follows:
Wherein,
Wherein, first formula and second formula are according to Matrix ranking algorithm (Maxtrix Exponentiation it) obtains, process is as follows:
Enable parameter n=2k in (formula 1), then:
Therefore, have:
F (2k+1)=F (k+1)2+F(k)2
F (2k)=F (k) [F (k+1)+F (k-1)]
=F (k) [F (k+1)+(F (k+1)-F (k))]
=F (k) [2F (k+1)-F (k)]
That is, our available following two equations:
F (2k)=F (k) [2F (k+1)-F (k)] (formula 2)
F (2k+1)=F (k+1)2+F(k)2(formula 3)
Our (formulas 2) and (formula 3) is referred to as quick doubling algorithm.Quick doubling algorithm can be used for seeking Fibonacci sequence n-th The result of item mould integer d:
F (2k) (modd)=[F (k) [2F (k+1)-F (k)]] (modd)
=[F (k) (modd) * [2F (k+1)-F (k)] (modd)] (modd) (formula 4)
F (2k+1) (modd)=[F (k+1)2+F(k)2](modd)
=[F (k+1)2(modd)+F(k)2(modd)] (modd) (formula 5)
According to (formula 4) and (formula 5), first formula and second formula are obtained.
Referring to Fig. 4, carrying out electricity for the key generated using Fig. 1 to Fig. 3 the method that one embodiment of the invention provides The method flow diagram of sub- mail signature.As shown in figure 4, the key generation method includes the following steps, according to different requirements, The sequence of step can change in the flow chart, and certain steps can be omitted.
Step S401, when receiving request for sending E-mail, Email to be sent is obtained, and to the Email Content generates summary info using hash function.
In one embodiment, summary info is generated using MD5 Message Digest 5 to the Email content.MD5 Message Digest 5 is state of the art, and details are not described herein.
Step S402, the corresponding private key in E-mail address for sending the Email is obtained, using the private key to above-mentioned Summary info electronic signature.Wherein, the private key is the private key generated by Fig. 1 to Fig. 3 the method.
In one embodiment, if m is the summary info for needing to encrypt, c is encrypted abstract ciphertext.When encryption, first Plaintext Bit String is grouped, allows the decimal number m of each clear packetsi< n remembers ciFor corresponding miEncrypted ciphertext, Then Encryption Algorithm is
After signing electronically using the private key to Email, the Email is sent to mail reception side Email.Mail reception side is using summary info described in the corresponding public key decryptions in the E-mail address.Decipherment algorithm are as follows: 0≤ mi< n, 0≤ci< n,Recipient is generating one to the original text received using identical hash function (such as MD5) A summary info, and compared with the summary info of decryption.If identical, illustrate that the information received is completely, to be transmitted across It is not modified in journey, otherwise illustrates that information is modified, therefore described sign electronically is able to verify that the integrality of information.
In some embodiments of the present invention, before the step S401, the Email signature method can be with Include the following steps:
Judge whether the grade of the mail to be sent reaches pre-set level;
When the grade of the mail to be sent reaches the pre-set level, the step S401-S402 is executed, utilizes this The private key that the invention key generation method generates signs electronically to Email to be sent.
Further, the method for judging whether the grade of the mail to be sent reaches pre-set level may include as next Kind is a variety of:
(1) determine whether the grade of the Email reaches default according to the class letter information of Email to be sent Rank, for example, include general, secret, the extremely option that represents mail class information such as secret in the function choosing-item of E-mail address, when User selection it is secret or extremely the preset options such as secret when, determine that the mail grade reaches the pre-set level;
(2) determine whether the grade of the Email reaches pre-set level according to addressee and/sender's identity information, The identity information includes but is not limited to addressee/sender title and rank, affiliated department information etc., for example, working as addressee And/or it is to be related to enterprise that the title and rank of sender, which is department belonging to the higher levels such as president or addressee/sender, The department of confidential technique, then all personnel for belonging to this department corresponds to higher level, when addressee/sender's identity reaches It needs to sign electronically to mail using electric endorsement method of the invention when pre-set level;
(3) determine whether the grade of the Email reaches pre-set level according to the keyword in Email, for example, Key word library is previously stored in computer installation, when there is the text with the keyword match in key word library in mail, Determine that the Email reaches pre-set level.
Made by foregoing Email signature method when being signed electronically to sent Email Key is that two prime number ps generated by the mould periodicity algorithm based on Fibonacci sequence and q are generated, so that private key Better reliability, and formation speed is quicker, so that the safety of Email is further enhanced.
Above-mentioned Fig. 1 to Fig. 4 describes Email signature method of the invention in detail, below with reference to Fig. 5 and Fig. 6, to reality The functional module of the software systems of the existing Email signature method and the hardware for realizing the Email signature method Device architecture is introduced.
It should be appreciated that the embodiment is only purposes of discussion, do not limited by this structure in patent claim.
Referring to Fig. 5, the functional module structure figure of the Email signature system provided for an embodiment of the present invention.
In some embodiments, the Email signature system 100 is run in Email signature device.It is described Email signature system 100 may include multiple functional modules as composed by program code segments.The Email signature The program code of each program segment in system 100 can store in the memory of Email signature device, and by electronics Performed by least one processor in mail signature device, to realize foregoing Email signature function.
In present embodiment, function of the Email signature system 100 according to performed by it can be divided into multiple function It can module.The functional module of the Email signature system 100 may include: prime generation module 101, computing module 102, Integer generation module 103, key production module 104, signature blocks 105.The so-called module of the present invention refers to that one kind can be by extremely A few processor is performed and can complete the series of computation machine program segment of fixed function, and storage is in memory. In the present embodiment, it will be described in detail in subsequent embodiment about the function of each module.The function of each functional module will be under It is described in detail in the embodiment in face.
The prime generation module 101 for the mould periodicity algorithm based on Fibonacci sequence generate two prime number ps and q。
Specifically, the step of prime generation module 101 generates described two prime numbers include:
A1, the set for obtaining preset rational k, wherein the collection of the rational k be combined into foregoing collection for 1, 2,4/3,8/7,10/9,12/11,14/13,22/21,18/17,20/19,28/27}。
A2, Integer N is generated at random.
In the preferred embodiment for the present invention, the decimal number that the Integer N generated at random is 100 or more is that is, described Integer N is big integer.
A3, judge whether the Integer N is to close number, if closing number, then give up the Integer N and return step A2, again Generate Integer N;If the Integer N is not to close number, A4 is thened follow the steps.
A4, calculatingWherein,For Legendre symbol.
Legendre symbol can calculate when p be prime number the case where quadratic residue discrimination.Above-mentioned Legendre symbolThe meaning of expression are as follows: integer x if it exists so that x2≡ N (mod5), then just rememberingOtherwise just rememberWhen N is divided exactly by 5, i.e. N | when 5,
The set of A5, the traversal rational k, calculate mould
In a preferred embodiment of the present invention, the mould is calculatedQuick striking wave can be passed through That contract ordered series of numbers modulus method is realized, is specifically included:
JudgementIt whether is even number;
If even number, the modulus value is calculated according to following first formula:
Wherein,
If not even number, calculates the modulus value according to following second formula:
Wherein,
A6, judge the mouldIt whether is 0, if so, A7 is thened follow the steps, if it is not, then returning Return step A2.
A7, it determines that the Integer N is prime number, and exports the prime number N.
The computing module 102 is used to calculate product n=p × q of described two prime numbers, and calculates φ (n)=(p-1) (q-1), wherein φ (n) is the Euler's function value of n.
The integer generation module 103 judges whether the integer e meets 1 < e < φ for generating integer e at random (n), and gcd (φ (n), e)=1, that is, judge whether the integer e is greater than 1 and is less than φ (n), and the integer e and φ (n) It is relatively prime, if not satisfied, then regenerating integer e.
The computing module 102 is also used to meet 1 < e < φ (n) in the determining integer e of integer generation module 103, and When gcd (φ (n), e)=1, multiplicative inverse d of the integer e at mould φ (n) is calculated, that is, calculating meets de ≡ 1mod φ (n) D value.
The key production module 104 generates public key according to (N, the e), generates private key according to (N, d).
The signature blocks 105 are for obtaining the private key and carrying out electricity to sent Email using the private key Son signature.
Fig. 5 is the functional block diagram for the Email signature device that an embodiment of the present invention provides.The electronics Mail signature device 200 includes memory 201, processor 202 and is stored in the memory 201 and can be in the processing The computer program 203 run on device 202, such as Email signature program.The processor 202 executes the computer journey The step S11-S18 of Email signature method, step S201-S207, S301- in above method embodiment are realized when sequence 203 S303.Alternatively, the processor 202, which executes the computer program 203, realizes each module/unit in above-mentioned apparatus embodiment Module 101-105 in function, such as Fig. 4.
It will be understood by those skilled in the art that the schematic diagram 5 is only the example of Email signature device 200, and The restriction to Email signature device 200 is not constituted, and Email signature device 200 may include more more or less than illustrating Component, perhaps combine certain components or different components, such as the Email signature device 200 can also include To all parts power power supply (such as battery), it is preferred that power supply can by electric power controller and it is described at least one Processor 202 is logically contiguous, to realize the functions such as management charging, electric discharge and power managed by electric power controller.Electricity Source can also include that one or more direct current or AC power source, recharging device, power failure detection circuit, power supply turn The random components such as parallel operation or inverter, power supply status indicator.The Email signature device 200 can also include a variety of Sensor, bluetooth module, Wi-Fi module etc., details are not described herein.
In some embodiments, alleged processor 202 can be central processing unit (Central Processing Unit, CPU), can also include other general processors, digital signal processor (Digital Signal Processor, DSP), specific integrated circuit (Application Specific Integrated Circuit, ASIC), ready-made programmable gate Array (Field-Programmable Gate Array, FPGA) either other programmable logic device, discrete gate or crystal Pipe logical device, discrete hardware components etc..General processor can be microprocessor or the processor be also possible to it is any often The processor etc. of rule.
In some embodiments, the memory 201 can be used for storing the computer program 203 and/or module/mono- Member, the processor 202 is by operation or executes the computer program that is stored in the memory 201 and/or module/mono- Member, and the data being stored in memory 201 are called, realize the various functions of the computer installation 200.Memory 201 May include include read-only memory (Read-Only Memory, ROM), random access memory (Random Access Memory, RAM), programmable read only memory (Programmable Read-Only Memory, PROM), erasable programmable is read-only deposits Reservoir (Erasable Programmable Read-Only Memory, EPROM), disposable programmable read-only memory (One- Time Programmable Read-Only Memory, OTPROM), electronics erasing type can make carbon copies read-only memory (Electrically-Erasable Programmable Read-Only Memory, EEPROM), CD-ROM (Compact Disc Read-Only Memory, CD-ROM) or other disc memories, magnetic disk storage, magnetic tape storage or can For carrying or any other computer-readable medium of storing data.
If the integrated module/unit of the Email signature device 200 is realized in the form of SFU software functional unit simultaneously When sold or used as an independent product, it can store in a computer readable storage medium.Based on such reason Solution, the present invention realize all or part of the process in above-described embodiment method, can also instruct correlation by computer program Hardware complete, the computer program can be stored in a computer readable storage medium, the computer program is in quilt When processor executes, it can be achieved that the step of above-mentioned each embodiment of the method.It should be noted that the computer-readable medium packet The content contained can carry out increase and decrease appropriate according to the requirement made laws in jurisdiction with patent practice, such as in certain administration of justice Administrative area does not include electric carrier signal and telecommunication signal according to legislation and patent practice, computer-readable medium.
It is obvious to a person skilled in the art that invention is not limited to the details of the above exemplary embodiments, Er Qie In the case where without departing substantially from spirit or essential attributes of the invention, the present invention can be realized in other specific forms.Therefore, no matter From the point of view of which point, the present embodiments are to be considered as illustrative and not restrictive, and the scope of the present invention is by appended power Benefit requires rather than above description limits, it is intended that all by what is fallen within the meaning and scope of the equivalent elements of the claims Variation is included in the present invention.Any reference signs in the claims should not be construed as limiting the involved claims.This Outside, it is clear that one word of " comprising " does not exclude other units or steps, and odd number is not excluded for plural number.It is stated in computer installation claim Multiple units or computer installation can also be implemented through software or hardware by the same unit or computer installation.The One, the second equal words are used to indicate names, and are not indicated any particular order.
Finally it should be noted that the above examples are only used to illustrate the technical scheme of the present invention and are not limiting, although reference Preferred embodiment describes the invention in detail, those skilled in the art should understand that, it can be to of the invention Technical solution is modified or equivalent replacement, without departing from the spirit and scope of the technical solution of the present invention.

Claims (10)

1. a kind of Email signature method, which is characterized in that the described method includes:
Obtain private key, wherein the generation method of the private key includes:
Mould periodicity algorithm based on Fibonacci sequence generates two prime number ps and q, comprising: obtains the collection of preset rational k It closes;It is random to generate the first Integer N;It calculatesWherein,For Legendre symbol;Traverse the collection of the rational k It closes, calculates mouldJudge the mouldIt whether is zero, if zero, Then determine that first Integer N is prime number, and using first Integer N as first prime number generated, and according to the side Method generates second prime number;
Calculate product n=p × q of described two prime numbers;
It calculates φ (n)=(p-1) (q-1), wherein φ (n) is the Euler's function value of n;
It is random to generate the second integer e;
Judge whether the second integer e meets 1 < e < φ (n), and gcd (φ (n), e)=1;
If the second integer e meets 1 < e < φ (n), and gcd (φ (n), e)=1, then calculates and meet de ≡ 1mod φ (n) D value;
PK={ e, n } is used as public key, SK={ d, n } is used as private key;
It is signed electronically using the private key to sent Email.
2. Email signature method as described in claim 1, which is characterized in that the collection symphysis of the preset rational k Include: at method
For Prime sequences (Pn)=2,3,5,7 ... (n=1,2,3,4 ...), successively design factor Wherein T is the period of F (x) (mod p), and F (x) is the xth item of Fibonacci sequence, and F (x) (mod p) indicates the striking Poona The least non-negative residue of contract ordered series of numbers xth item F (x) mould integer p,For Legendre symbol;
Determine PnMultiple value intervals of middle n, and calculate the distribution of k value in each value interval;
It determines the frequency of occurrences for calculating k value, is more than k value set the taking as the preset rational k of preset value using frequency Value set.
3. Email signature method as claimed in claim 2, which is characterized in that the collection of the preset rational k is combined into {1,2,4/3,8/7,10/9,12/11,14/13,22/21,18/17,20/19,28/27}。
4. Email signature method as described in claim 1, which is characterized in that described after generating the first Integer N at random Step further include:
Judge whether first Integer N is to close number, if closing number, then gives up first Integer N and regenerates Integer N.
5. Email signature method as described in claim 1, which is characterized in that " traverse the collection of the rational k in step It closes, calculates mould" in, the mould is calculated by quick Fibonacci sequence modulus algorithmInclude:
JudgementIt whether is even number;
If even number, then the modulus value is calculated according to following first formula:
Wherein,
If uneven number, the modulus value is calculated according to following second formula:
Wherein,
6. a kind of Email signature device, which is characterized in that the Email signature device includes processor, the processing Device is for realizing following steps when executing the computer program stored in memory:
Obtain private key, wherein the generation method of the private key includes: that the mould periodicity algorithm based on Fibonacci sequence generates two A prime number p and q;Calculate product n=p × q of described two prime numbers;It calculates φ (n)=(p-1) (q-1), wherein φ (n) is n Euler's function value;It is random to generate the second integer e;Judge whether the second integer e meets 1 < e < φ (n), and gcd (φ (n), e)=1;If the second integer e meets 1 < e < φ (n), and gcd (φ (n), e)=1, then calculates and meet de ≡ 1mod The d value of φ (n);PK={ e, n } is used as public key, SK={ d, n } is used as private key;Wherein, based on the mould of Fibonacci sequence Periodical algorithm generates two prime number ps and q, comprising: obtains the set of preset rational k;It is random to generate the first Integer N;Meter It calculatesWherein,For Legendre symbol;The set of the rational k is traversed, mould is calculatedJudge the mouldIt whether is zero, if zero, it is determined that institute Stating the first Integer N is prime number, and using first Integer N as first prime number generated, and according to the method generation the Two prime numbers;
It is signed electronically using the private key to sent Email.
7. Email signature device as claimed in claim 6, which is characterized in that calculating mouldWhen, the mould is calculated by quick Fibonacci sequence modulus algorithmInclude:
JudgementIt whether is even number;
If even number, then the modulus value is calculated according to following first formula:
Wherein,
If uneven number, the modulus value is calculated according to following second formula:
Wherein,
8. Email signature device as claimed in claim 6, which is characterized in that generate the collection of the preset rational k Conjunction includes:
For Prime sequences (Pn)=2,3,5,7 ... (n=1,2,3,4 ...), successively design factor Wherein T is the period of F (x) (mod p), and F (x) is the xth item of Fibonacci sequence, and F (x) (mod p) indicates the striking Poona The least non-negative residue of contract ordered series of numbers xth item F (x) mould integer p,For Legendre symbol;
Determine PnMultiple value intervals of middle n, and calculate the distribution of k value in each value interval;
It determines the frequency of occurrences for calculating k value, is more than k value set the taking as the preset rational k of preset value using frequency Value set.
9. Email signature device as claimed in claim 8, which is characterized in that the collection of the preset rational k is combined into {1,2,4/3,8/7,10/9,12/11,14/13,22/21,18/17,20/19,28/27}。
10. a kind of computer readable storage medium, is stored thereon with computer program, which is characterized in that the computer program Email signature method according to any one of claims 1 to 5 is realized when being executed by processor.
CN201910498033.6A 2019-06-10 2019-06-10 E-mail signature method, device and storage medium Active CN110098940B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910498033.6A CN110098940B (en) 2019-06-10 2019-06-10 E-mail signature method, device and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910498033.6A CN110098940B (en) 2019-06-10 2019-06-10 E-mail signature method, device and storage medium

Publications (2)

Publication Number Publication Date
CN110098940A true CN110098940A (en) 2019-08-06
CN110098940B CN110098940B (en) 2020-02-11

Family

ID=67450702

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910498033.6A Active CN110098940B (en) 2019-06-10 2019-06-10 E-mail signature method, device and storage medium

Country Status (1)

Country Link
CN (1) CN110098940B (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN117792660A (en) * 2024-02-23 2024-03-29 南京聚铭网络科技有限公司 Key data anti-repudiation method and system
CN117792660B (en) * 2024-02-23 2024-05-24 南京聚铭网络科技有限公司 Key data anti-repudiation method and system

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102437912A (en) * 2012-01-06 2012-05-02 厦门博鼎智文传媒科技有限公司 Digital rights management method based on N RSA (Rivest Shamir Adleman) encryption algorithms based on chaotic algorithm
CN107342865A (en) * 2017-06-20 2017-11-10 贵州信安创科技有限公司 A kind of authentication encryption algorithm and decipherment algorithm based on SM4
US20180026786A1 (en) * 2016-07-19 2018-01-25 Yahoo Japan Corporation Encryption device, encryption method, encryption data, and non-transitory computer readable storage medium
US20180115419A1 (en) * 2016-10-26 2018-04-26 Nxp B.V. Method of generating an elliptic curve cryptographic key pair
CN108055128A (en) * 2017-12-18 2018-05-18 数安时代科技股份有限公司 Generation method, device, storage medium and the computer equipment of RSA key

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102437912A (en) * 2012-01-06 2012-05-02 厦门博鼎智文传媒科技有限公司 Digital rights management method based on N RSA (Rivest Shamir Adleman) encryption algorithms based on chaotic algorithm
US20180026786A1 (en) * 2016-07-19 2018-01-25 Yahoo Japan Corporation Encryption device, encryption method, encryption data, and non-transitory computer readable storage medium
US20180115419A1 (en) * 2016-10-26 2018-04-26 Nxp B.V. Method of generating an elliptic curve cryptographic key pair
CN107342865A (en) * 2017-06-20 2017-11-10 贵州信安创科技有限公司 A kind of authentication encryption algorithm and decipherment algorithm based on SM4
CN108055128A (en) * 2017-12-18 2018-05-18 数安时代科技股份有限公司 Generation method, device, storage medium and the computer equipment of RSA key

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
王萍: "RSA中大素数的快速生成算法研究", 《中国优秀硕士学位论文全文数据库 信息科技辑》 *

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN117792660A (en) * 2024-02-23 2024-03-29 南京聚铭网络科技有限公司 Key data anti-repudiation method and system
CN117792660B (en) * 2024-02-23 2024-05-24 南京聚铭网络科技有限公司 Key data anti-repudiation method and system

Also Published As

Publication number Publication date
CN110098940B (en) 2020-02-11

Similar Documents

Publication Publication Date Title
PUB Digital signature standard (DSS)
US8472621B2 (en) Protection of a prime number generation for an RSA algorithm
Abidi et al. Implementation of elliptic curve digital signature algorithm (ECDSA)
JP4137385B2 (en) Encryption method using public and private keys
US8509429B2 (en) Protection of a prime number generation against side-channel attacks
US20070143388A1 (en) Prime calculating apparatus, key issuing system, and prime calculation method
US20090041239A1 (en) Pseudo-random function calculating device and method and number-limited anonymous authentication system and method
US20160149708A1 (en) Electronic signature system
CN112149156B (en) System and selector for disclosing recorded attributes and data entries and method therefor
CN110990484A (en) Block chain based information storage method and system, computer equipment and storage medium
Minh et al. Blind signature protocol based on difficulty of simultaneous solving two difficult problems
CN102279840A (en) Method for quickly generating prime number group applicable to information encryption technology
Kuang et al. Benchmark performance of a new quantum-safe multivariate polynomial digital signature algorithm
Isern-Deyà et al. On the practicability of using group signatures on mobile devices: implementation and performance analysis on the android platform
WO2000048359A1 (en) Verification of the private components of a public-key cryptographic system
US7760873B2 (en) Method and a system for a quick verification rabin signature scheme
CN110098940A (en) Email signature method, apparatus and storage medium
Chen et al. Digital multi-signature scheme based on the elliptic curve cryptosystem
Ordonez et al. Digital signature with multiple signatories based on modified ElGamal Cryptosystem
Delcourt et al. Using the Cloud to Determine Key Strengths--Triennial Update
Moldovyan et al. Short signatures from the difficulty of factoring problem
Verkhovsky Deterministic algorithm computing all generators: application in cryptographic systems design
Zega et al. Comparative Analysis of Ciphertext Enlargement on Generalization of the ElGamal and Multi-factor RSA
RU2409903C2 (en) Method of creating and authenticating electronic digital signature certifying electronic document
Sun et al. Batch blind signatures on elliptic curves

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant